CVE-2025-11152Integer Overflow or Wraparound in Mozilla Firefox

CWE-190Integer Overflow or Wraparound5 documents5 sources
Severity
8.6HIGHNVD
EPSS
0.1%
top 82.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedSep 30

Description

Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 143.0.3.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:LExploitability: 3.9 | Impact: 4.7

Affected Packages1 packages

NVDmozilla/firefox< 143.0.3

🔴Vulnerability Details

2
CVEList
Sandbox escape due to integer overflow in the Graphics: Canvas2D component2025-09-30
OSV
CVE-2025-11152: Sandbox escape due to integer overflow in the Graphics: Canvas2D component2025-09-30

📋Vendor Advisories

2
Debian
CVE-2025-11152: firefox - Sandbox escape due to integer overflow in the Graphics: Canvas2D component. This...2025
Mozilla
Mozilla Foundation Security Advisory 2025-80: CVE-2025-11152
CVE-2025-11152 — Integer Overflow or Wraparound | cvebase